Merge branch 'consistent-reqid'
authorMartin Willi <martin@revosec.ch>
Wed, 19 Jun 2013 14:31:06 +0000 (16:31 +0200)
committerMartin Willi <martin@revosec.ch>
Wed, 19 Jun 2013 14:31:06 +0000 (16:31 +0200)
commit4f88ad669a2a5d65bd7e6d60896df14246f58a5e
tree809157a900b51683a63a3f33fc8d7a0ad7a0eec5
parentde2debf8e0759c974c734cacab9549451eceb236
parenta7bc0bf4a6c091637e81eec0c268e5947f5c1e21
Merge branch 'consistent-reqid'

Checks if a trap policy exists when installing a CHILD_SA as responder,
reuse that reqid and keeping the trap untouched. This makes auto=route on
both sides more reliable.

In addition, we no prevent to refcount an existing policy if the reqid differs;
this should not happen anymore. We now can properly reject new CHILD_SAs in
such conflicts, instead of silently breaking an existing policy.